AU2004306594B2 - Data converter - Google Patents

Data converter Download PDF

Info

Publication number
AU2004306594B2
AU2004306594B2 AU2004306594A AU2004306594A AU2004306594B2 AU 2004306594 B2 AU2004306594 B2 AU 2004306594B2 AU 2004306594 A AU2004306594 A AU 2004306594A AU 2004306594 A AU2004306594 A AU 2004306594A AU 2004306594 B2 AU2004306594 B2 AU 2004306594B2
Authority
AU
Australia
Prior art keywords
data
finite field
conversion
unit
polynomial
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
AU2004306594A
Other versions
AU2004306594A1 (en
Inventor
Motoji Ohmori
Makoto Tatebayashi
Makoto Usui
Masato Yamamichi
Kaoru Yokota
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Panasonic Corp
Original Assignee
Panasonic Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to JP2003-353439 priority Critical
Priority to JP2003353439 priority
Application filed by Panasonic Corp filed Critical Panasonic Corp
Priority to PCT/JP2004/014570 priority patent/WO2005036811A2/en
Publication of AU2004306594A1 publication Critical patent/AU2004306594A1/en
Assigned to PANASONIC CORPORATION reassignment PANASONIC CORPORATION Alteration of Name(s) of Applicant(s) under S113 Assignors: MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD.
Publication of AU2004306594B2 publication Critical patent/AU2004306594B2/en
Application granted granted Critical
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/724Finite field arithmetic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communication the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7209Calculation via subfield, i.e. the subfield being GF(q) with q a prime power, e.g. GF ((2**m)**n) via GF(2**m)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/34Encoding or coding, e.g. Huffman coding or error correction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution

Description

WO 2005/036811 PCT/JP2004/014570 DESCRIPTION DATA CONVERTER AND METHOD THEREOF Technical Field ' 5 The present invention relates to a data converter that realizes a data conversion system used for an authentication system and to a method thereof, in particular to a data converter that can be realized in an especially small size of implementation scale and has a high data confusion and to a method thereof. 10 Background Art In a challenge-response authentication system which is one of a method for examining a validity of a communication partner and the like, a secret conversion system is necessary for both 15 authenticating and authenticated sides. As requirements for the secret conversion system, it is wished not only to have high data confusion performance (avalanche performance) but also to mount the method onto an apparatus at low cost. As a conventional example of a data conversion system, there 20 is a system of using a secret key encryption system. For example, in the case of where the challenge-response authentication system is realized by a data conversion system using a 56 bits key length Data Encryption Standard (DES) encryption system (for details about the DES encryption system, refer to Menezes, Alfred J., et al., 25 "HANDBOOK of APPLIED CRYPTOGRAPHY", CRC Press, 1997: 252-256), both of the authenticating side and the authenticated side secretly store a 56 bits key of the DES encryption system as an authentication key. Also, a plaintext and encrypted text of the DES encryption system are respectively determined as an input and an 30 output for the data converting system. Accordingly, the DES encryption method can be used for a secret data converting system for an authentication (for details about the authentication system, -1refer to Menezes, Alfred .., et al., "HANDBOOK of APPLIED CRYPTOGRAPHY", CRC Press, 1997: 400-403). However, the secret key encryption system such as the DES encryption system is not constructed considering for sharing a circuit with 5 other circuits that are mounted together with an encryption circuit in an apparatus. Therefore, it needs to be mounted as a circuit independent from other circuits. Accordingly, in a data conversion system using the conventional secret key encryption system, an encryption circuit is independently mounted separately from other circuits in the apparatus so 10 that a scale of the circuit in the apparatus as a whole becomes large. That is, in order to realize an apparatus at a low cost, it is generally required to make a total scale of the circuit mounted in the apparatus smaller as possible. Therefore, it is desirable for the encryption circuit mounted in the apparatus to share the circuit with other circuits. However, it is not realized 15 in the conventional structure. Considering the above mentioned problem, the present invention aims to provide a data converter capable of reducing the total size of the implementation scale in an apparatus. 20 Disclosure of Invention According to one aspect of the present invention there is provided a data converter comprising: an obtaining unit operable to obtain a plurality of data blocks; a conversion performing unit operable to perform conversion on each 25 one of the plurality of data blocks, the conversion being based on an exponentiation to a predetermined exponent in a polynomial ring with a value in a finite field GF (2n) as a coefficient, the n being a natural number, and the exponentiation using a predetermined value as an exponent; and an output data generating unit operable to generate output data 30 based on the plurality of data blocks converted by the conversion performing unit, wherein the predetermined value is a value that is 3 or larger and other than 2', the m being an integer which is 1 or larger, and in the polynomial ring, addition of a coefficient of a polynomial is addition in the -2 2229943_1 (GHMatters) 20/04/10 finite field GF (2"), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2"). According to another aspect of the present invention there is 5 provided a data conversion method comprising: obtaining a plurality of data blocks; performing conversion on each one of the plurality of data blocks, the conversion being based on an exponentiation in a polynomial ring with a value in a finite field GF ( 2 ") as a coefficient, the n being a natural number, 10 and the exponentiation using a predetermined value as an exponent; and generating output data based on the plurality of data blocks converted by the conversion performance, wherein the predetermined value is a value that is 3 or larger and except 2 m, the m being an integer which is 1 or larger, and in the 15 polynomial ring, addition of a coefficient of a polynomial is addition in the finite field GF (2"), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2n). According to another aspect of the present invention there is 20 provided an integrated circuit comprising: a finite field multiplying unit operable to perform multiplication in a finite field GF (2"), the n being a natural number; an error-correction coding unit operable to perform error-correction coding on input data by performing multiplication in the finite field GF (2") 25 using the finite field multiplying unit; a splitting unit operable to split the input data into a plurality of data blocks; a conversion performing unit operable to perform conversion on each one of the plurality of data blocks, the conversion being based on an 30 exponentiation to a predetermined exponent in a polynomial ring with a value in the finite field GF (2") as a coefficient and the exponentiation using a predetermined value as an exponent; and an output data generating unit operable to generate output data based on the plurality of data blocks converted by the conversion -3 2229943 1 (GHManlers) 20104/10 performing unit, wherein the predetermined value is a value that is 3 or larger and other than 2", the m being an integer that is 1 or larger, and in the polynomial ring, addition of a coefficient of a polynomial is addition in the 5 finite field GF (2"), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2"). According to another aspect of the present invention there is provided a program that causes a computer to execute: 10 obtaining a plurality of data blocks; performing conversion on each one of the plurality of data blocks using a finite field multiplying unit operable to perform multiplication in a finite field GF (2"), the n being a natural number, the conversion being based on an exponentiation in a polynomial ring with a value in the finite 15 field GF ( 2 ") as a coefficient; and the exponentiation using a predetermined value as an exponent; and generating output data based on the plurality of data blocks converted by the conversion performance, wherein the predetermined value is a value that is 3 or larger and 20 other than 2 m, the m being an integer which is 1 or larger, and in the polynomial ring, addition of a coefficient of a polynomial is addition in the finite field GF (2"), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2n). 25 As further information about technical background to this application, the disclosure of Japanese Patent Application No. 2003-353439 filed on October 14, 2003 including specification, drawings and claims is incorporated herein by reference in its entirety. 30 Brief Description of Drawings Objects, advantages and features of the invention will become apparent from the following description thereof taken in conjunction with the accompanying drawings that illustrate a specific embodiment of the invention. In the Drawings: 35 FIG. 1 is a block diagram showing an authentication system - 3a 2229943_1 (GHMatters) 20/04/10 WO 2005/036811 PCT/JP2004/014570 according to an embodiment of the present invention. FIG. 2 is a block diagram showing an example of a configuration of a data converter according to the embodiment of the present invention. 5 FIG. 3 is a block diagram showing an example of a configuration of a finite field cubing unit according to the embodiment of the present invention. FIG. 4 is a block diagram showing an example of a configuration of a finite field polynomial multiplying unit according 10 to the embodiment of the present invention. FIG. 5 is a block diagram showing an example of a configuration of a first converter according to the embodiment of the present invention. FIG. 6 is a block diagram showing an example of a 15 configuration of a second converter according to the embodiment of the present invention. FIG. 7 is a block diagram showing an example of a configuration of a finite field multiplying unit according to the embodiment of the present invention. 20 FIG. 8 is a block diagram showing an example of a configuration of a finite field doubling unit according to the embodiment of the present invention. FIG. 9 is a block diagram showing an example of a system configuration in the case where the converter by the present 25 invention is applied to a content distribution system. FIG. 10 is an outside drawing of an LSI of an error-correction/data converter. FIG. 11 is a block diagram showing an example of a configuration of the error-correction/data converter. 30 Best Mode for Carrying Out the Invention The following explains about an embodiment of the present -4- WO 2005/036811 PCT/JP2004/014570 invention with references to diagrams. (Configuration of Authentication System with Data Converter) FIG. 1 is a block diagram showing a configuration of an authentication system according to an embodiment of the present 5 invention. In the authentication system, an authenticating apparatus 3 authenticates an authenticated apparatus 4 by a challenge-response authentication system. As a specific example of the present authentication system, for example, it is represented by a keyless entry system for a car in which the authenticating 10 apparatus 3 is an on-vehicle equipment for controlling open and close of a door of the car and the authenticated apparatus 4 is a portable terminal held by a user for opening and closing the door of the car. The authenticating apparatus 3 generates random data with 15 64 bits in a random number generation apparatus 5 and sends it to the authenticated apparatus 4 as challenge data. The authenticated apparatus 4 converts received challenge data in the data converter 2 and sends 64 bits converted data which is a result of the conversion to the authenticating apparatus 3 as response data. 20 The authenticating apparatus 3 converts the random number data in the data converter 1 while the authenticated apparatus 4 is performing the above mentioned processing and generates 64 bits converted data as the result of the conversion. The authenticating apparatus 3 then compares, in a data comparison device 6, the 25 response data received from the authenticated apparatus 4 with the converted data and authenticates the authenticated apparatus 4 as valid only when both data correspond to each other. Here, the data converter 1 in the authenticating apparatus 3 and the data converter 2 in the authenticated apparatus 4 perform the same conversion 30 processing and content of the processing is shared secretly between the authenticating apparatus 3 and the authenticated apparatus 4. (Configurations of Data Converter 1 and 2) -5 - Whereas the data converters 1 and 2 have a same configuration, the following explains only about an internal configuration of the data converter 1. FIG. 2 is a diagram showing an internal configuration of the 5 data converter 1. The data converter 1 is a processing apparatus that performs a predetermined secret converting processing on input data with 64 bits and generates output data with 64 bits. It has a finite field polynomial cubing unit 10, a data integrating units 11a~11d, 12 and 13, a first converter 14, a second converter 15, 10 data splitting unit 16, and a data integrating unit 17. The following explains about internal performances when input data with 64 bits is inputted into the data converter 1. Firstly, the data splitting unit 16 split, from high-ordered bits, the 64 bit input data into two data blocks each having 32 bits. Here, is the high-ordered 32 bit data block is called data A and the low ordered 32 bit data block is called data B. The data A is inputted into the data integrating units 11a and 1lc and the, data B is inputted into the data integrating units lb and lId. The data integrating units 11a and 11c respectively perform exclusive OR operation (XOR), for 20 each bit, on the inputted 32 bit data A with a fixed 32 bits data K1 and K3 and output 32 bit data AO and Al. Further, the data integrating units 11b and lid respectively perform the exclusive OR operation (XOR), for each bit, on the 32 bit data B with fixed bit data K2 and K4 and output 32 bit data BO and B1. Here, the 32 bit data 25 K1 to K4 are fixed values determined in predetermined values. Next, the finite field polynomial cubing unit 10 cubes each of the 32 bit data AO, BO, Al and B1 in a polynomial ring with a value in a finite field GF (2 8 )as a coefficient which is described later and calculates respectively 32 bit data of (AO) 3 , (BO) 3 , (A1) 3 , and (B1) 3 . 30 The detail about processes of the finite field polynomial cubing unit 10 is explained later. 997284_1 (GHMaters) 8/01/10 Next, the 32 bit data (AO) 3 and (BO) 3 are inputted to the data integrating unit 12 and the 32 bit data (Al) 3 and (B1) 3 are inputted to the data integrating unit 13. The data integrating unit 12 and the data integrating unit 13 5 perform an exclusive OR operation for each bit respectively on two inputted 32 bit data and output 32 bit data of (AO) 3

(+)(BO)

3 and (A1) 3 (+)(B1) 3 . Here, "X(+)Y" means the exclusive OR operation (XOR), for each bit, between X and Y. The first converter 14 then performs a predetermined 10 conversion on the 32 bit data of (AO) 3

(+)(BO)

3 based on an operation in a finite field GF (28) which is explained later and outputs 32 bit data GO. Also, the second converter 15 performs a predetermined conversion on the (A1) 3 (+)(B1) 3 based on an operation in the finite field GF (28) and outputs 32 bit data G1. 15 After the above processes, the data integrating unit 17 connects the 32 bit data GO as the high-ordered 32 bits and the 32 bit data G1 as the low-ordered 32 bits and outputs the result as 64 bit data. The 64 bit data is output data of the data converter 1. Next, it is explained about an internal configuration and 20 performances of the finite field polynomial cubing unit 10 (Internal Configuration of Finite Field Polynomial Cubing Unit 10) FIG. 3 is a diagram showing an example of the internal configuration of the finite field polynomial cubing unit 10. The finite 25 field polynomial cubing unit 10 is a processing unit of cubing in the polynomial ring with a value in the finite field GF (28) as a coefficient. It is composed of an input control unit 101, a finite field polynomial multiplying unit 100 and an output controlling unit 102. The input controlling unit 101 performs a control so that one 30 of the two blocks of input data is outputted. The finite field polynomial multiplying unit 100 multiplies the two blocks of input 997284_1 (GHiMatters) 8/01/10 7 data in the polynomial ring with a value in the finite field GF (28) as a coefficient. The output controlling unit 102 performs a control so that the input data is outputted to one of the two output destinations. Hereafter, it is explained about internal performances when 32 5 bit input data X is inputted to the finite field polynomial cubing unit 10. The input data X is inputted to the input controlling unit 101 and the finite field polynomial multiplying unit 100. The input control unit 101 inputs the input data X directly to the finite field polynomial multiplying unit 100. The finite field polynomial multiplying unit 100 10 multiplies the 32 bit data X inputted from outside and the 32 bit data X inputted from the input controlling unit 101 in the polynomial ring with a value in the finite field GF (28) as a coefficient (details are explained later), outputs the multiplication result X 2 , and inputs it to the output controlling unit 102. It is explained later about the 15 detailed processes of the finite field polynomial multiplying unit 100. The output controlling unit 102 inputs the input data X 2 directly to the input controlling unit 101. The input controlling unit 101 then inputs the input data X 2 to the finite field polynomial multiplying unit 100. 20 The finite field polynomial multiplying unit 100 multiplies the input data X 2 and the input data X and inputs the product X 3 to the output controlling unit 102. The multiplication herein is a multiplication in the polynomial ring as described above. The output controlling unit 102 outputs the input data X 3 as 25 output data of the finite field polynomial cubing unit 10. Next, it is explained about an internal configuration and performances of the finite field polynomial multiplying unit 100. (Internal Configuration of Finite Field Polynomial Multiplying Unit 100) 30 FIG. 4 is a diagram showing an example of the internal structure of the finite field polynomial multiplying unit 100. The finite 997284_ 1 (GHManers) 8/01/10 8 field polynomial multiplying unit 100 multiplies the 32 bit first input data X and the 32 bit second input data Y in the polynomial ring with a value in the finite field GF (28) as a coefficient and outputs an output data D with 32 bits. A residual polynomial of the polynomial 5 ring herein is denoted L(X)=X 4 - 1 and a primitive polynomial m(x) of the finite field GF (28) is denoted m(x)=x 5 +x 4 +x 3 +x+1. Prior to an explanation about performances of the finite field polynomial multiplying unit 100, it is explained briefly about an operation in the finite field GF (28) and an operation in the polynomial ring. 10 Firstly, it is explained about the operation in the finite field GF (28). For the operation in the finite field GF (28), if a value of each bit of the 8 bit data A is denoted a7, a6, - , aO from a high-ordered bit, a polynomial of the seventh order a(x)=a7 xx 7 +a6xX 6 +- - - +alxx+aO is considered by associating is with the values. Similarly, denoting a value of each bit of the 8 bit data b7, b6, - - - , bO from a high-ordered bit, a polynomial of the seventh order b(x)=b7xx 7 +b6+x 6 +- - - +blxx+b0 is considered by associating with the values. Herein, the sum C of A and B in the finite field GF (28) is a result of which the sum c(x) calculated 20 c(x)=a(x)+b(x) in the finite field GF (2) is converted into 8 bit data by associating the 8 bit data with the polynomial of the seventh order which is described above. That is, taking c(x)=c7 xx 7 +c6+ x 6 +. - - +clxx+cO, it is obtained as follow: c7=a7+b7 25 c6=a6+b6 cl=al+bl cO=aO+bO Here, an addition "+" between the 1 bit data and the 1 bit data is all 30 performed in the finite field GF (2). That is, 0+0=1+1=0 and 997284_1 (GHMatters) 8/01/10 - 9 therefore calculated as 0+1=1+0=1. From the above, the addition in the finite field (28) is nothing but performing an exclusive OR operation for each bit. In other words, the result C of the sum of A and B is denoted C=A(+)B. 5 Next, a multiplication in the finite field GF (28) is explained. As described above, when 8 bit data A, B and C are denoted as the seventh order polynomials a(x), b(x) and c(x), the result C of multiplying 8 bit data A and B is obtained by following equation using corresponding seventh order polynomials a(x), b(x) and c(x). 10 c(x)=a(x)xb(x) mod m(x) Here, "f(x) mod g(x)" is a residual calculation result of residual calculation f(x) modulo g(x) and m(x) is, as described before, a primitive polynomial m(x)=x 8 +x 4 +x 3 +x+1 in the finite field GF(2 8 ). Also, the polynomial multiplication herein, an addition and a 15 multiplication of coefficients by residual calculation, are calculated in the finite field GF (2). The addition in the finite field GF (2) is as described and the multiplication is given OxO=Oxl =1x0=0, lxl=1. An example of the multiplication is explained. Given A=57 (hexadecimal) and B=83 (hexadecimal), a(x)=x 6

+X

4 +x 2 +x+1 and 20 b(x)=x 7 +x+1. Then, a(x)xb(x)=x1 3 +x "+x 9 +x 8 +x6 + 4 +Xx 3 +1 and so a(x)xb(x) mod m(x)=x 7 +x 6 +1. Therefore, the result C of multiplying A and B is hexadecimal C1. Next, it is explained about an operation in the polynomial ring with a value in the finite field GF (28) as a coefficient. In an 25 operation in the polynomial ring, when each byte of the 32 bit data A is denoted AO, Al, A2 and A3 from the high-ordered byte, 1 byte data AO to A3 are applied to the third order polynomial A(X)=AO+A1xX+A2xX2+A3 xX3. Similarly, when each byte of 32 bit data B and C are respectively denoted BO, B1, B2, B3 and CO, C1, 997284_1 (GHManers) 8/01/10 - 10 - C2 and C3, the 1 byte data BO to B3 and CO to C3 are respectively applied to the following polynomials of B(X)=BO+B1xX+B2xX 2 +B3x X 3 and C(X)=CO+C1xX+C2xX2+C3xX3. Herein, the addition in the polynomial ring is obtained by 5 C(X)=A(X)+B(X). The addition of polynomial coefficients herein is an addition in the finite field GF (28) as explained above. In other words, the addition of 32 bit data A and B can be obtained only performing an exclusive OR operation for each bit. Next, the multiplication in the polynomial ring is explained. 10 Given 32 bit data C as the result of multiplying the 32 bit data A and B, as explained above, when each data is applied to the third order polynomials A(X), B(X) and C(X), the multiplication in the polynomial ring is expressed as the following polynomial operation: C(X)=A(X)xB(X) mod L(X) i5 Here, L(X) is, as explained, L(X)=X 4 -1 and the addition and multiplication of the polynomial coefficients are calculated in the finite field GF (28). Therefore, the above equation is calculated as follows: C(X)= AOxBO +(AOxB1+A1xBO)xX 20 +(AOxB2+A2xBO+A1x B1)xX 2 +(AOxB3+A1xB2+A2xB1+A3xBO)xX3 +(A1xB3+A3xB1+A2xB2)xX4 +(A2xB3+A3xB2) xX 5 +(A3xB3)xX 6 (mod X 4 -1) 25 Herein, X4=1(mod X 4 -1) so that the above equation can be modified further as follows: C(X)= (AOxBO+A3xB1+A2xB2+A1xB3) +(AixBO+AOxB1+A3xB2+A2xB3)xX +(A2xBO+A1xB1+AOxB2+A3xB3)xX2 30 +(A3xBO+A2xB1+A1xB2+AOxB3)xX3 Therefore, C can be calculated as follows: 997284_1 (GHMatters) 8/01/10 - 11 ~ CO=AOxBO+A3xB1+A2xB2+A1xB3 Cl =A1xBO+AOxB1+A3xB2+A2xB3 C2=A2xBO+A1xB1+AOxB2+A3xB3 C3=A3xBO+A2xB1+A1xB2+AOxB3 5 The addition "+" and the multiplication "x" herein are operated in the finite field GF (28). With that, the explanation about the operations in the polynomial ring and in the finite field GF (28) is closed. Then, it is now explained about a performance of the finite field polynomial 10 multiplying unit 100. The finite field polynomial multiplying unit 100 is a processing unit which multiplies two blocks of input data in the polynomial ring with a value in the finite field GF (28) as a coefficient. It is composed of a finite field multiplying unit 110, data splitting units 111 to 112, 15 data adding units 113 to 115, a data integrating unit 116, and an operation controlling unit 117. The finite field multiplying unit 110 performs multiplication in the finite field GF (28). Each of the data splitting units 111 and 112 splits 32 bit input data into four blocks of data each having 8 bits. 20 Each of the data adding units 113 to 115 adds two input data in the finite field GF (28). The data integrating unit 116 integrates four blocks of 8 bit data and outputs them as 32 bit data. The operation controlling unit 117 performs input control of multiplicands and multipliers inputted from the data splitting unit 111 and the data 25 splitting unit 112 to the finite field multiplying unit 110 and output destination control of data outputted from the finite field multiplying unit 110. Hereafter, it is explained about performances of the finite field polynomial multiplying unit 100. The data splitting unit 111 splits the first input data with 32 30 bits, from a high-ordered byte, into four blocks of data having 8 bits each. Here, the four data blocks are denoted, from the high order 99724_1 (GHManers) 8/01/10 - 12 WO 2005/036811 PCT/JP2004/014570 byte, XO, X1, X2 and X3. The data splitting unit 112 similarly splits the second input data with 32 bits, from the high-ordered byte, into four blocks of data having 8 bits each. Here, the four blocks of data are denoted, from the high-ordered byte, YO, Y1, Y2 and Y3. 5 Hereafter, the operation controlling unit 117 controls input and output data when necessary and the finite field multiplying unit 110 and the data adding units 113 to 115 are calculates the bit data DO, D1, D2 and D3 according to the following equations (1) to (4). DO=XOxYO+X3xY1+X2xY2+X1xY3 - - - (1) 10 D1=XlxYO+XOxY1+X3xY2+X2xY3 - - - (2) D2=X2xYO+X1xY1+XOxY2+X3xY3 - - - (3) D3=X3xYO+X2xY1+X1xY2+XOxY3 - - - (4) Note that all of the multiplications "x" and the additions "+" are operated in the finite field GF (28). The reason why the above 15 equations indicate the product of data X and data Y is as explained above. It is now explained only about performances of the finite polynomial multiplying unit 100 for calculating the data DO. The data D1 to D3 are calculated by the similar performances. 20 The operation controlling unit 117 selects, as inputs to the finite field multiplying unit 110, data XO from the data XO to X3 and data YO from the 8 bit data YO to Y3. The finite field multiplying unit 110 multiplies data XO and data YO in the finite field GF (28) and outputs the multiplication result as data ZO. That is, 25 ZO=XOXYO is calculated. Next, by similar performances, the finite field multiplying unit 110 multiplies data X3 and Y1 in the finite field GF (28) and outputs the calculation result as data Z1. That is, 30 Z1=X3xY1 is calculated. Similarly, Z2=X2xY2 - 13 - WO 2005/036811 PCT/JP2004/014570 Z3=X1 xY3 are calculated. After outputting the ZO to Z3, the data adding units 113 to 115 add data ZO to Z3 in the finite field GF (28). That is, 5 DO=ZO+Z1+Z2+Z3 is calculated. Note that the addition in the finite field GF (28) is no other than the exclusive OR operation for each bit itself. Therefore, the above calculations equal to perform the exclusive OR operation on the data ZO to Z3 for each bit value. Similarly, the data adding io units 113 to 115 are obtained by calculating the following equations: D1=X1xYO+XOxY1+X3xY2+X2xY3 D2=X2xYO+X1xYl+XOxY2+X3xY3 D3=X3xYO+X2xY1+X1xY2+XOxY3 The data integrating unit 116 connects data DO, D1, D2 and D3 from 15 the high-ordered byte and outputs the 32 bit data D as output data of the finite field polynomial multiplying unit 100. Next, it is explained about an internal configuration and performances of the first converter 14. (Internal Structure of First Converter 14) 20 FIG. 5 is a diagram showing an example of the internal configuration of the first converter 14. The first converter 14 is a processing unit which performs a predetermined conversion on the 32 bit input data X using an operation in the finite field GF (28) and outputs the 32 bit output 25 data Y. It is composed of a data splitting unit 20, a data integrating unit 21, a constant storing unit 22 and a finite field multiplying unit 210. The data splitting unit 20 splits the 32 bit input data into four blocks of 8 bit data. The data integrating unit 21 integrates the four blocks of 8 bit data and outputs them as the 32 bit data. The 30 constant storing unit 22 stores four 8 bit constants C1 to C4. The finite field multiplying unit 210 multiplies the two blocks of 8 bit input data in the finite field GF (28) and outputs 8 bit output data. -14- WO 2005/036811 PCT/JP2004/014570 Hereafter, it is explained about performances of the first converter 14 are explained. The data splitting unit 20 splits the 32 bit input data, from the high-ordered byte, into blocks of data having 8 bits each. Here, 8 5 bit data after the split is denoted data X0, X1, X2 and X3 from the high-ordered byte. The finite field multiplying unit 210 multiplies the data X0 and the 8 bit constant C1 stored in the constant storing unit 22 in the finite field GF (28) and outputs the result as output data YO. Similarly, the finite field multiplying unit 210 i ) io multiplies the data X1 and the constant C2 and outputs as data Y1, ii) multiplies the data X2 and the constant C3 and outputs as data Y2, and iii) multiplies the data X3 and the constant C4 and outputs as data Y3. According to the series of performances following equations are calculated: 15 Y0=C1xX0 Yl=C2 xX1 Y2=C3 x X2 Y3=C4xX3 Note that all of the multiplications "x" are calculated in the finite 20 field GF (28). After the processing, the data integrating unit 21 connects data YO, Y1, Y2 and Y3 from the high-ordered byte and outputs the 32 bit data Y as output data of the first converter 14. (Internal Configuration of Second Converter 15) 25 As shown in FIG. 6, for the internal configuration of the second converter 15, the constants stored in the constant storing unit 32 C1, C2, C3 and C4 in the first converter 14 are respectively changed to C5, C6, C7 and C8 in the second converter 15. Otherwise, other internal configurations and performances of the 30 second converter 15 are same as of the first converter 14. Therefore, the explanations for the details are not repeated in here. Next, with reference to FIG. 7, it is explained about the -15- WO 2005/036811 PCT/JP2004/014570 internal configurations and performances of the finite field multiplying units 110, 210 and 310. (Internal configurations of the finite field multiplying units 110, 210 and 310) 5 The finite field multiplying units 110, 210 and 310 have same internal configuration and perform same performance. Therefore, the performance of the finite field multiplying unit 110 is only explained in here. Whereas the multiplication method in the finite field GF (28) is as explained above, the configuration for realizing io the calculation in a circuit compact in size is explained in here. The finite field multiplying unit 110 is a processing unit which multiplies the first 8 bit input data X and the second 8 bit input data Y in the finite field GF (28) and outputs 8 bit output data Z. It is composed of a first input controlling unit 411, a second input 15 controlling unit 414, an output controlling unit 412, a finite field doubling unit 410, a data integrating unit 413, and a data splitting unit 415. Each of the first input controlling unit 411 and the second input controlling unit 414 performs control for selecting either one of 20 the two input data blocks and outputting the selected data block. The finite field doubling unit 410 doubles the input data in the finite field GF (28). The data integrating unit 413 integrates two input data. The data splitting unit 415 splits the input data into a plurality of data. Hereafter, it is explained about performances of 25 the finite field multiplying unit 110. First, the data splitting unit 415 splits 8 bit second input data Y into one bit each from the high-ordered bit and each value is denoted Y7, Y6, - , and YO. Then, the following processes (1) to (5) are repeated in the order of i=7, 6, 5, 4, 3, 2, 1 and 0. 30 (1) The first input controlling unit 411 inputs, into the finite field doubling unit 410, an initial value=0 of the 8 bits when i=7 and inputs 8 bit data to be outputted from the output controlling unit 412 -16 - WO 2005/036811 PCT/JP2004/014570 when i*7. (2) The finite field doubling unit 410 doubles the 8 bit data inputted from the first input controlling unit 411 in the finite field GF (28) and inputs the 8 bit data which is the result into the data 5 integrating unit 413. (3) The second input controlling unit 414 inputs, into the data integrating unit 413, 8 bit constant 0 when Yi (i=7,6, ,0) or the first input data X for other cases. (4) The data integrating unit 413 performs exclusive OR io operation for each bit on the 8 bit data inputted from the finite field doubling unit 410 and the 8 bit data inputted from the second input controlling unit 414 and inputs the 8 bit data resulting from the operation into the output controlling unit 412. (5) The output controlling unit 412 inputs, for given i#0, the 15 8 bit data inputted from the data integrating unit 413 into the first input controlling unit 411. After that, the value of i is reduced only 1 and the processing is restarted from the process (1). For given i=0, the output controlling unit 412 outputs the 8 bit data inputted from the data integrating unit 413 as output data of the finite field 20 multiplying unit 110. Then, the block of processes is terminated. It is briefly explained about the reason why the multiplication of the first input data X and the second input data Y can be calculated through the above mentioned processes. Taking values Y7, Y6, - , and YO for each bit, the second 25 input data is denoted: Y=Y7x2 7 +Y6x2 6 +- - +Yix2'+ - +YO So, XxY=Xx(Y7x2 7 +Y6x2 6 + '- - +Yix2'+ - +YO) =( - - - (((((0+XxY7)x2+XxY6)x2+XxY5)x2+XxY4) 30 x2+XxY3)- - -)x2+XxYO This equation is a basis of the above mentioned processes. Next, it is explained about an internal configuration and -17- WO 2005/036811 PCT/JP2004/014570 performances of the finite field doubling unit 410. (Internal Configuration of Finite Field Doubling Unit 410) FIG. 8 is a diagram showing the internal configuration of the finite field doubling unit 410. 5 The finite field doubling unit 410 doubles the inputted 8 bit data X in the finite field GF (28) and outputs the 8 bit data Y as the result. It is composed of a data splitting unit 511, a data integrating unit 512 and data integrating units 513 to 515. The data splitting unit 511 splits the input data into data for io each 1 bit. The data integrating unit 512 integrates a plurality of input data into single data and outputs the integrated data. Each of the data integrating units 513 to 515 integrates two blocks of input data. Hereafter performances of the finite field doubling unit 410 are explained. 15 Firstly, the data splitting unit 511 splits the 8 bit input data X into one bit each from the high-ordered bit and outputs as data X7, X6, - - - , XO from the high-ordered bit. Next, the data integrating unit 513 performs exclusive OR operation between the data X7 and data X3 and outputs the result as data Y4. The data integrating 20 unit 514 performs exclusive OR operation between the data X7 and data X2 and outputs the result as data Y3. The data integrating unit 515 performs exclusive OR operation between the data X7 and data XO and outputs the result as data Y1. Also, the data X6, X5, X4, X1 and X7 are respectively denoted data Y7, Y6, Y5, Y2 and YO. The 25 data integrating unit 512 outputs, as output data of the finite field doubling unit 410, 8 bit data which data Y7, Y6, Y5, , YO are integrated in this order from the high-ordered bit. By denoting, for each bit X7, X6, - , and XO composed of the 8 bit input data X: 30 Y7=X6 Y6=X5 Y5=X4 - 18 - Y4=X3 (+) X7 Y3=X2 (+) X7 Y2=X1 Yl=XO (+) X7 5 YO=X7 the finite field doubling unit 410 calculates values of each bit Y7, Y6, and YO composed of the 8 bit output data Y. The output data Y herein indicates a result of doubling the input data X in the finite field GF (28). It is explained in the following. 10 The input data X is denoted by a following polynomial of a whose coefficient is the value in the finite field GF (2). X7xa 7 +6xa 6+. - +Xlxa +XO Herein, doubling in the finite field GF (28) means to multiply a to the above polynomial. Therefore, 15 X7xa 8+X6xa 7+- - +Xlxa 2 +XOxa Here, the primitive polynomial is x 8 +x4+x 3 +x+1 so holds a 8=a 4 +a 3 +a +1. Therefore, the above polynomial is reconstructed to, X6xa 7 +X5xa 6 +X4xa 5 +(X3+X7)xa 4 +(X2+X7)xa 3 +Xlxa + 20 (XO+X7) This polynomial corresponds to: Y7xa 7 +Y5xa6+- - - +Ylxa +YO Thus, the reason why the processes by the finite field doubling unit 410 are performed is explained. 25 The data converters 1 and 2 perform following processes on the 64 bit input data X. (1) Split the input data X into the high-ordered 32 bits and the low-ordered 32 bits and denote respectively data XO and X1. (2) Calculate TO=(XO+K1) 3 +(X1+K2) 3 and 30 T1=(XO+K3) 3 +(X1+K4) 3 . Note that the addition and multiplication herein are all calculated in the polynomial ring which determines a value in the finite field GF (28) as a coefficient. - 19 997284_1 (GHManers)8/01/10 (3) Split the 32 bits data TO into 8 bits data from the high ordered byte. The split data are respectively denoted data aO, al, a2 and a3. Also, split the 32 bit data T1 into data blocks with 8 bits each from the high ordered byte. The split data are respectively 5 denoted data bO, b1, b2 and b3. (4) Calculate GO=ClxaO| C2xa1|| C3xa2|| C4xa3 and G1=C5xbO| C6xb1|| C7xb2|| C8xb3 and output GOI| G1 as output data. Note that "|| " indicates data concatenation and the above multiplications are all calculated in the finite field GF (28). 10 As clear from the equations (1) to (4), in the multiplication in the polynomial ring with a value in the finite field GF (28) as a coefficient, even if a part of the input data is changed, the change influences all of the output data. For example, assume that the value of data XO is changed in the equations (1) to (4). The data XO is 15 used in all of the equations (1) to (4). Therefore, the change influences all of the output data DO to D3. The same thing applies to other values (XI to X3, YO to Y3). Accordingly, in the present embodiment, a high probability of data confusion can be realized using the above multiplications for the converting processing. Next, 20 in the present embodiment, an exponentiation is used instead of the multiplication of two or more variables (e.g. XxY, XxYxZ). This is because that, in the case of the multiplication of two or more variables, the result of the multiplication becomes always 0 if the value of any one of the variables is 0, that is, that there are many 25 combinations of the value of input variables which lead the value of the multiplication result 0. Thus, a good confusion probability is not shown. On the other hand, in the case of the exponentiation, the calculation result only becomes 0 when the value of the input variable is 0. Therefore, a high probability of data is guaranteed without 30 lowering the probability of data confusion as described above. Furthermore, in the present embodiment, the calculation - 20 997284_1 (GHMatters) 8/01/10 WO 2005/036811 PCT/JP2004/014570 raised to cube is used. This results in the following reasons. First, when given a conversion such as Y=X 2 using the calculation in square, an output value for the input value a is a 2. Next, an output value when a difference A is added to the input value a is 5 ( a+A)2= a0 2 + a x A+A x a+A 2 . Here, a xA=Axa and axA+ a x A =0 (both are obvious from the calculation method in the finite field GF (28)). So, (a+A)2= a 2

+A

2 . Therefore, a change value of the output value by adding the difference A to the input value is

A

2 . That is, the change value of the output value become a 1o constant output change value A 2 regardless of the input value a so that it is not a preferred characteristic in terms of the data confusion. Consequently, it is necessary to use exponentiation at least in the cube or more. In the present embodiment, the exponentiation in cube is used since a converting processing load 15 becomes higher as the exponentiation processing is more as the exponent is higher. Herein, (a +A)'=(a +A) x(a+A) x(a +A) =(a 2+ a xA+Ax a +A 2 )x( a +A) =( a 2

+A

2 )x( a +A) 20 =a 3+A x a 2+A 2 X a+A' Therefore, in the case of the cubing operation, the output difference is not constant regardless of the input value a as in the squaring operation. Note that in the case where the exponent N for exponentiation is N=2k (k is an integer of 1 or more), the output 25 value is (a+A)^(2k)=a (2 k )+A^(2k), being obtained by adding the input difference A to the input value a in exponentiation XN as the data converting processing. The following explains about that the output value becomes constant regardless of the input value. Here, "X-a" indicates X raised to the ath exponent. 30 When k=1, the exponent=2, therefore the output value based on the above explanation is ( a+A) 2 = a 2

+A

2 . Next, when k=m and the exponent=2 m , if (a+A)^(2m)=a^(2m)+A^(2m) is hold, (a+ -21- WO 2005/036811 PCT/JP2004/014570 A )^(2m+1)={( a + A )(2m) 2 ={ a ^(2m)+ A^ (2m) }2= a ^(2m+1)+ A ^(2m+1) is hold. Therefore, the above equation is hold when k=m+1. Accordingly, it is indicated that, by the mathematical induction, for an arbitral integer k which is one or larger, the equation ( a+ 5 A)^(2k)= a^-(2k)+A^(2k) is hold. Consequently, it is shown that the exponent can be a value other than 2 k (k is an integer of 1 or larger). That is, whereas 3 is used of the exponent in the present embodiment, the value may be the value of 3 or larger other than 2 k (k is an integer of 1 or larger) unless it does not mind to take some 1o time for the processing in the data converter. Also, in the present embodiment, an addition (exclusive OR operation) by a constant K is calculated before the exponentiation such as (X+K) 3 . Here, by changing the constant K, many variations can be given to the converting processing in the data converter. For 15 example, different converting processing can be used for authenticating each subject to be authenticated by using different constant K depending on the subject to be authenticated. Herein, when the value of (X+K) 3 is 0 is only when X=Y. Therefore, a merit of guaranteeing high probability of data confusion 20 is not lost by using the exponentiation as described. Also, in the present embodiment, the same exponentiation in cube is performed on four data blocks of AO to A3. However, it is not necessary to be in the same exponent but the exponent may be different from one another. 25 Further, the data converter according to the present embodiment uses an operation processing in the finite field GF (28) for the processing which becomes a core for the data confusion. Therefore, a circuit can be shared with the operation circuit in the finite field GF (28), being used for the error-correcting code circuit 30 such as Reed-Solomon codes and Bose-Chaudhuri-Hocquenghem (BCH) codes. As the consequence, an implementation size in an appliance as a whole can be reduced and the appliance -22- WO 2005/036811 PCT/JP2004/014570 implementation in a compact circuit size is realized. Note that each data size of the present invention is just an example and it can be beyond the data size. Also, the primitive polynomial and the residue polynomial according to the present 5 embodiment are just examples. Therefore, the size is not limited to this. Furthermore, the present embodiment describes about the case where the data converter is used in the authentication system. However, the data converter of the present embodiment can be used io unless it uses a secret data converter. As other applied examples of using the data converter is that, for example, it can be applied to a content distribution system as shown in FIG. 9. The content distribution system is composed on a content distribution device 7 which distributes encrypted content via broadcasting or a network, 15 and a reproduction device 8 which receives, decodes and reproduces the distributed encrypted content. The content distribution device 7 converts key seed data (data to be a seed for generating a content key) in the data converter 70 and generates the content key. The content encryption device 71 then encrypts the content data in 20 plaintext and generates the encrypted content data. After the above processing, the content distribution device 7 sends the key seed data and the encrypted content data to the reproduction device 8. The reproduction device 8 which received the data firstly, in the data converter 8, converts the key seed data and generates the 25 content key. Then, the content decoding unit 81 decodes the encrypted content data and obtains the content in plaintext. Only the reproduction device allowed to reproduce the content can prevent the content reproduction by an illegal reproduction device by mounting the same data converter which the content distribution 30 device has. Also, in the present embodiment, whereas fixed values K1 to K4 for integrating data in the data integration units 11a to 11d are -23 - WO 2005/036811 PCT/JP2004/014570 previously fixed values, these fixed values may be inputted from outside of the data converter so that a user can freely set the values. Further, the constants C1 to C4 are also previously fixed values to be stored in the constant storing unit 22. However, these values may 5 be also inputted from outside of the data converter so that the user can freely set the values. Furthermore in the present embodiment, whereas the finite field GF (28) is used as a finite field, other finite fields may be applied. For example, it may be the finite field GF (2") (n is a io natural number). Note that each functional block in the block diagrams (FIG. 2 etc.) is typically realized as an LSI which is an integrated circuit. It may be separately constructed as one chip or may be constructed as one chip including a part or the whole of the integrated circuit. 15 FIG. 10 is an outside drawing of the LSI of the error correction/data converter including a data converter having a similar function as that of the data converter shown in FIG. 2. FIG. 11 is a functional block diagram showing a configuration of the LSI of the error correction/data converter. 20 As shown in FIG. 11, the error correction/data converter 600 is an apparatus which performs data conversion after performing error correction coding on the data. It has a Reed-Solomon error correction coding unit 601 and a data converter 604. The Reed-Solomon error correction coding unit 601 is a 25 processing unit which performs Reed-Solomon error correction coding on the inputted data and output the coded data. It has a data receiving unit 602 and a coding unit 603. The data receiving unit 602 is a processing unit operable to receive data to be inputted from outside. The coding unit 603 is a processing unit which, 30 responding to the data receiving unit 602, performs the Reed-Solomon error correction coding by performing the multiplication in the finite field GF (2") on the data received at the -24- WO 2005/036811 PCT/JP2004/014570 data receiving unit 602. The coding unit 603 has a finite field multiplying unit 110 which performs multiplication in the finite field GF (2") on the data. A configuration of the finite field multiplying unit 110 is as described above. 5 While the data converter 604 has a configuration similar to that of the data converter 1(2), it uses a finite field polynomial multiplying unit 605 in place of the finite field polynomial multiplying unit 100, a first converter 606 in place of the first converter 14, and a second converter 607 in place of the second io converter 15. The finite field polynomial multiplying unit 605 differs from the finite field polynomial multiplying unit 100 in that it performs multiplication in the finite field GF (2") using the finite field polynomial multiplying unit 110 set in the coding unit 603. Other configurations of the finite field polynomial multiplying unit 605 are 15 same as- those of the finite field polynomial multiplying unit 110. The first converter 606 differs from the first converter 14 in that it performs multiplication in the finite field GF (2") using the finite field multiplying unit 110 set in the coding unit 603. Other configurations of the first converter 606 are same as those of the 20 first converter 14. The second converter 607 differs from the second converter 15 in that it performs multiplication in the finite field GF (2") using the finite field multiplying unit 110 set in the coding unit 603. Other configurations of the second converter 607 are same as those of the second converter 15. 25 Accordingly, the Reed-Solomon error correction coding unit 601 and the data converter 604 can share the finite field multiplying unit 110. Therefore, a circuit scale of the LSI can be reduced. Here, the error correction/data converter 600 is realized by the LSI. However, it may be called as IC, system LSI, super LSI and 30 ultra LSI depending on the difference of the integration density. In addition, a method of constructing the integrated circuit is not limited to the LSI. It can be realized by a special circuit or a -25general processor. A Field Programmable Gate Array (FPGA) capable of programming and a reconfigurable processor capable of reconfiguring a connection and a setting of the circuit cell inside the LSI after manufacturing the LSI may be used. 5 Furthermore, if a technique of constructing the integrated circuit which can be replaced of the LSI according to the development of the semiconductor technology and an emerging technology is introduced, the functional block may be of course integrated using the newly introduced technique. As another technology, it is possible that a biotechnology and 10 the like may be used. Although only an exemplary embodiment of this invention has been described in detail above, those skilled in the art will readily appreciate that many modifications are possible in the exemplary embodiment without materially departing from the novel teachings and advantages of this is invention. Accordingly, all such modifications are intended to be included within the scope of this invention. In the claims which follow and in the preceding description, except where the context requires otherwise due to express language or necessary implication, the word "comprise" or variations such as "comprises" or 20 "comprising" is used in an inclusive sense, i.e. to specify the presence of the stated features but not to preclude the presence or addition of further features in various embodiments of the invention. It is to be understood that, if any prior art publication is referred to herein, such reference does not constitute an admission that the 25 publication forms a part of the common general knowledge in the art, in Australia or any other country. Industrial Applicability The data converter according to the present invention can reduce a 30 scale of a circuit as a whole including a data converter by sharing a data conversion with an error correction coding circuit. Therefore, for example, it is useful for an apparatus having a function of authenticating a communicating partner via a communication channel. Also, not only limited - 26 N:\Melboume\CasesPatent\59000-59999\P5973 I AU\Specis\P5973l AU Spcification 2008-2-8 doc 14/02/08 to this example, this invention applies to any apparatuses unless they need to mount any kind of a data conversion circuit. - 27 N \Melboume\Cases\Patent\59000-59999\P59731 AU\Specis\P5973 I AU Specification 2008-2-8 doc 14/02108

Claims (20)

1. A data converter comprising: an obtaining unit operable to obtain a plurality of data blocks; 5 a conversion performing unit operable to perform conversion on each one of the plurality of data blocks, the conversion being based on an exponentiation to a predetermined exponent in a polynomial ring with a value in a finite field GF ( 2 n) as a coefficient, the n being a natural number, and the exponentiation using a predetermined value as an exponent; and 10 an output data generating unit operable to generate output data based on the plurality of data blocks converted by the conversion performing unit, wherein the predetermined value is a value that is 3 or larger and other than 2', the m being an integer which is 1 or larger, and in the 15 polynomial ring, addition of a coefficient of a polynomial is addition in the finite field GF (2"), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2").
2. The data converter according to Claim 1, further comprising 20 a finite field multiplying unit operable to perform multiplication in the finite field GF (2"), wherein the conversion performing unit performs exponentiation using the finite field multiplying unit. 25
3. The data converter according to Claim 1, wherein the conversion performing unit includes: an adding subunit operable to add, in the polynomial ring, a predetermined constant and each one of the plurality of data blocks obtained by the obtaining unit, the predetermined constant being the same 30 or variable depending on said each data block; and a conversion performing subunit operable to perform conversion on said each one of the plurality of data blocks to which the constant is added by the adding subunit, the conversion being based on the exponentiation in - 28 2229943_1 (GHManers) 20/04/10 the polynomial ring.
4. The data converter according to Claim 1, wherein the output data generating unit includes: 5 an adding subunit operable to perform addition in the polynomial ring among the plurality of data blocks converted by the conversion performing unit; and a multiplying subunit operable to multiply, in the finite field GF (2n), a result of the addition by the adding subunit by a predetermined constant. 10
5. The data converter according to Claim 4, further comprising a finite field multiplying unit operable to perform multiplication in the finite field GF (2"), wherein the conversion performing unit performs exponentiation is using the finite field multiplying unit, and the multiplying subunit performs multiplication using the finite field multiplying unit.
6. A data conversion method comprising: 20 obtaining a plurality of data blocks; performing conversion on each one of the plurality of data blocks, the conversion being based on an exponentiation in a polynomial ring with a value in a finite field GF (2") as a coefficient, the n being a natural number, and the exponentiation using a predetermined value as an exponent; and 25 generating output data based on the plurality of data blocks converted by the conversion performance, wherein the predetermined value is a value that is 3 or larger and except 2 m, the m being an integer which is 1 or larger, and in the polynomial ring, addition of a coefficient of a polynomial is addition in the 30 finite field GF (2"), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2").
7. The data conversion method according to Claim 6, - 29 2229943_1 (GiMatters) 20/04/10 wherein in the conversion performance, the exponentiation is performed using a finite field multiplying unit operable to perform multiplication in the finite field GF (2"). 5
8. The data conversion method according to Claim 6, wherein the conversion performance includes: adding, in the polynomial ring, a predetermined constant and each one of the plurality of split data blocks, the predetermined constant being the same or variable depending on said each data block; and 10 performing conversion on said each one of the plurality of data blocks to which the constant is added by the addition, the conversion being based on the exponentiation to a predetermined exponent in the polynomial ring. 15
9. The data conversion method according to Claim 6, wherein the output data generation includes: performing addition in the polynomial ring among the plurality of data blocks converted by the conversion performance; and multiplying, in the finite field GF (2"), a result of the addition by a 20 predetermined constant.
10. The data conversion method according to Claim 9, wherein in the conversion performance, the exponentiation is performed using a finite field multiplying unit operable to perform 25 multiplication in the finite field GF (2"); and in the multiplication, the multiplication is performed using the finite field multiplying unit operable to perform multiplication in the finite field GF (2"). 30
11. An integrated circuit comprising: a finite field multiplying unit operable to perform multiplication in a finite field GF (2n), the n being a natural number; an error-correction coding unit operable to perform error-correction - 30 22299431 (GHMatters) 20/04/10 coding on input data by performing multiplication in the finite field GF (2") using the finite field multiplying unit; a splitting unit operable to split the input data into a plurality of data blocks; 5 a conversion performing unit operable to perform conversion on each one of the plurality of data blocks, the conversion being based on an exponentiation to a predetermined exponent in a polynomial ring with a value in the finite field GF (2") as a coefficient and the exponentiation using a predetermined value as an exponent; and 10 an output data generating unit operable to generate output data based on the plurality of data blocks converted by the conversion performing unit, wherein the predetermined value is a value that is 3 or larger and other than 2', the m being an integer that is 1 or larger, and in the 15 polynomial ring, addition of a coefficient of a polynomial is addition in the finite field GF (2n), and multiplication of a coefficient of a polynomial is multiplication in the finite field GF (2").
12. The integrated circuit according to Claim 11, 20 wherein the conversion performing unit includes: an adding subunit operable to add, in the polynomial ring, a predetermined constant and each one of the plurality of data blocks split by the splitting unit, the predetermined constant being the same or variable depending on said each data block; and 25 a conversion performing subunit operable to perform conversion, using the finite field multiplying unit, on said each one of the plurality of data blocks to which the constant is added by the adding subunit, the conversion being based on the exponentiation in the polynomial ring. 30
13. The integrated circuit according to Claim 11, wherein the output data generating unit includes: an adding subunit operable to perform addition in the polynomial ring among the plurality of data blocks converted by the conversion - 31 2229943_ 1 (GHMatters) 20/04/10 performing unit; and a multiplying subunit operable to multiply, in the finite field GF (2"), the result of the addition by the adding subunit by a predetermined constant using the finite field multiplying unit. 5
14. A program that causes a computer to execute: obtaining a plurality of data blocks; performing conversion on each one of the plurality of data blocks using a finite field multiplying unit operable to perform multiplication in a 10 finite field GF ( 2 "n), the n being a natural number, the conversion being based on an exponentiation in a polynomial ring with a value in the finite field GF ( 2 ") as a coefficient; and the exponentiation using a predetermined value as an exponent; and generating output data based on the plurality of data blocks 15 converted by the conversion performance, wherein the predetermined value is a value that is 3 or larger and other than 2"', the m being an integer which is 1 or larger, and in the polynomial ring, addition of a coefficient of a polynomial is addition in the finite field GF (2"), and multiplication of a coefficient of a polynomial is 20 multiplication in the finite field GF (2").
15. The program according to Claim 14, wherein the conversion performance includes: adding, in the polynomial ring, a predetermined constant and each 25 one of the plurality of data blocks, the predetermined constant being the same or variable depending on said each data block; and performing conversion on said each one of the plurality of data blocks added by the addition using the finite field multiplying unit, the conversion being based on the exponentiation in the polynomial ring. 30
16. The program according to Claim 14, wherein the output data generation includes: performing addition in the polynomial ring among the plurality of - 32 2229943 I (GHManers) 20/04/10 data blocks converted by the conversion performance; and multiplying, in the finite field GF (2"), a result of the addition by a predetermined constant using the finite field multiplying unit. 5
17. A data converter as claimed in any one of claims 1 to 5, and substantially as herein described with reference to the accompanying drawings.
18. A method as claimed in any one of claims 6 to 10, and substantially 10 as herein described with reference to the accompanying drawings.
19. An integrated circuit as claimed in any one of claims 11 to 13, and substantially as herein described with reference to the accompanying drawings. 15
20. A program as claimed in any one of claims 14 to 17, and substantially as herein described with reference to the accompanying drawings. - 33 2229943_1 (GHMatters) 20/04/10
AU2004306594A 2003-10-14 2004-09-28 Data converter Active AU2004306594B2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP2003-353439 2003-10-14
JP2003353439 2003-10-14
PCT/JP2004/014570 WO2005036811A2 (en) 2003-10-14 2004-09-28 Data converter

Publications (2)

Publication Number Publication Date
AU2004306594A1 AU2004306594A1 (en) 2005-04-21
AU2004306594B2 true AU2004306594B2 (en) 2010-05-20

Family

ID=34431158

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2004306594A Active AU2004306594B2 (en) 2003-10-14 2004-09-28 Data converter

Country Status (11)

Country Link
US (2) US6995692B2 (en)
EP (1) EP1673690B1 (en)
KR (1) KR101103443B1 (en)
CN (1) CN100555213C (en)
AT (1) AT479142T (en)
AU (1) AU2004306594B2 (en)
CA (1) CA2535741C (en)
DE (1) DE602004028849D1 (en)
MY (1) MY142578A (en)
TW (1) TWI353764B (en)
WO (1) WO2005036811A2 (en)

Families Citing this family (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6307487B1 (en) 1998-09-23 2001-10-23 Digital Fountain, Inc. Information additive code generator and decoder for communication systems
US7068729B2 (en) * 2001-12-21 2006-06-27 Digital Fountain, Inc. Multi-stage code generator and decoder for communication systems
US9288010B2 (en) 2009-08-19 2016-03-15 Qualcomm Incorporated Universal file delivery methods for providing unequal error protection and bundled file delivery services
US9419749B2 (en) 2009-08-19 2016-08-16 Qualcomm Incorporated Methods and apparatus employing FEC codes with permanent inactivation of symbols for encoding and decoding processes
US9240810B2 (en) * 2002-06-11 2016-01-19 Digital Fountain, Inc. Systems and processes for decoding chain reaction codes through inactivation
ES2445761T3 (en) * 2002-06-11 2014-03-05 Digital Fountain, Inc. Decoding chain reaction codes by inactivation
CN100539439C (en) 2002-10-05 2009-09-09 数字方敦股份有限公司 Systematic encoding and decoding system and method of chain reaction codes
KR101183843B1 (en) 2003-10-06 2012-09-19 디지털 파운튼, 인크. Error-correcting multi-stage code generator and decoder for communication systems having single transmitters or multiple transmitters
CN101019326B (en) * 2004-05-07 2013-02-27 数字方敦股份有限公司 File download and streaming system
US9386064B2 (en) * 2006-06-09 2016-07-05 Qualcomm Incorporated Enhanced block-request streaming using URL templates and construction rules
US9432433B2 (en) * 2006-06-09 2016-08-30 Qualcomm Incorporated Enhanced block-request streaming system using signaling or block creation
US9380096B2 (en) 2006-06-09 2016-06-28 Qualcomm Incorporated Enhanced block-request streaming system for handling low-latency streaming
US9178535B2 (en) * 2006-06-09 2015-11-03 Digital Fountain, Inc. Dynamic stream interleaving and sub-stream based delivery
US9209934B2 (en) * 2006-06-09 2015-12-08 Qualcomm Incorporated Enhanced block-request streaming using cooperative parallel HTTP and forward error correction
US7870399B2 (en) * 2006-02-10 2011-01-11 Arxan Defense Systems Software trusted platform module and application security wrapper
KR101292851B1 (en) 2006-02-13 2013-08-02 디지털 파운튼, 인크. Streaming and buffering using variable fec overhead and protection periods
US9270414B2 (en) * 2006-02-21 2016-02-23 Digital Fountain, Inc. Multiple-field based code generator and decoder for communications systems
US7971129B2 (en) 2006-05-10 2011-06-28 Digital Fountain, Inc. Code generator and decoder for communications systems operating using hybrid codes to allow for multiple efficient users of the communications systems
CN101802797B (en) * 2007-09-12 2013-07-17 数字方敦股份有限公司 Generating and communicating source identification information to enable reliable communications
JP4649456B2 (en) * 2007-09-26 2011-03-09 株式会社東芝 Power calculation apparatus, power calculation method and program
US20100211690A1 (en) * 2009-02-13 2010-08-19 Digital Fountain, Inc. Block partitioning for a data stream
US9281847B2 (en) * 2009-02-27 2016-03-08 Qualcomm Incorporated Mobile reception of digital video broadcasting—terrestrial services
US20110096828A1 (en) * 2009-09-22 2011-04-28 Qualcomm Incorporated Enhanced block-request streaming using scalable encoding
US9917874B2 (en) 2009-09-22 2018-03-13 Qualcomm Incorporated Enhanced block-request streaming using block partitioning or request controls for improved client-side handling
US9225961B2 (en) 2010-05-13 2015-12-29 Qualcomm Incorporated Frame packing for asymmetric stereo video
US9596447B2 (en) 2010-07-21 2017-03-14 Qualcomm Incorporated Providing frame packing type information for video coding
US8806050B2 (en) 2010-08-10 2014-08-12 Qualcomm Incorporated Manifest file updates for network streaming of coded multimedia data
US9270299B2 (en) 2011-02-11 2016-02-23 Qualcomm Incorporated Encoding and decoding using elastic codes with flexible source block mapping
US8958375B2 (en) 2011-02-11 2015-02-17 Qualcomm Incorporated Framing for an improved radio link protocol including FEC
US9253233B2 (en) 2011-08-31 2016-02-02 Qualcomm Incorporated Switch signaling methods providing improved switching between representations for adaptive HTTP streaming
CN102314330B (en) * 2011-09-09 2013-12-25 华南理工大学 Composite finite field multiplier
US9843844B2 (en) 2011-10-05 2017-12-12 Qualcomm Incorporated Network streaming of media data
US9294226B2 (en) 2012-03-26 2016-03-22 Qualcomm Incorporated Universal object delivery and template-based file delivery
CN106445464B (en) * 2016-10-13 2019-04-02 深圳职业技术学院 A kind of compound Galois field multiplier based on model aroused in interest

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6202076B1 (en) * 1997-01-29 2001-03-13 Nippon Telegraph And Telephone Corporation Scheme for arithmetic operations in finite field and group operations over elliptic curves realizing improved computational speed
EP1217750A2 (en) * 2000-12-15 2002-06-26 Alcatel USA Sourcing, L.P. Optimized parallel in parallel out GF(2M) squarer for FEC decoder

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5220568A (en) * 1988-05-31 1993-06-15 Eastman Kodak Company Shift correcting code for channel encoded data
US5532694A (en) * 1989-01-13 1996-07-02 Stac Electronics, Inc. Data compression apparatus and method using matching string searching and Huffman encoding
JPH09185518A (en) * 1995-12-28 1997-07-15 Toshiba Corp System and device for generating power of source element alpha
JP3525209B2 (en) * 1996-04-05 2004-05-10 合資会社川▲崎▼電機 Calculation method for modular exponentiation circuit and modulo exponentiation systems and modular exponentiation
US6320520B1 (en) * 1998-09-23 2001-11-20 Digital Fountain Information additive group code generator and decoder for communications systems
JP2000321979A (en) 1999-05-14 2000-11-24 Matsushita Electric Ind Co Ltd Polynomial arithmetic device, device for calculating order of elliptic curve, device for generating elliptic curve, and cryptographic system for elliptic curve
US6343305B1 (en) * 1999-09-14 2002-01-29 The State Of Oregon Acting By And Through The State Board Of Higher Education On Behalf Of Oregon State University Methods and apparatus for multiplication in a galois field GF (2m), encoders and decoders using same
DE10024325B4 (en) * 2000-05-17 2005-12-15 Giesecke & Devrient Gmbh Cryptographic method and cryptographic device
US6411223B1 (en) * 2000-10-18 2002-06-25 Digital Fountain, Inc. Generating high weight encoding symbols using a basis
US7243289B1 (en) * 2003-01-25 2007-07-10 Novell, Inc. Method and system for efficiently computing cyclic redundancy checks
US6771197B1 (en) * 2003-09-26 2004-08-03 Mitsubishi Electric Research Laboratories, Inc. Quantizing signals using sparse generator factor graph codes
US6831574B1 (en) * 2003-10-03 2004-12-14 Bae Systems Information And Electronic Systems Integration Inc Multi-turbo multi-user detector

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6202076B1 (en) * 1997-01-29 2001-03-13 Nippon Telegraph And Telephone Corporation Scheme for arithmetic operations in finite field and group operations over elliptic curves realizing improved computational speed
EP1217750A2 (en) * 2000-12-15 2002-06-26 Alcatel USA Sourcing, L.P. Optimized parallel in parallel out GF(2M) squarer for FEC decoder

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
CHO YONG SUK ET AL: "Design of GF(2m) multiplier using its subfields" ELECTRONICS LETTERS, IEE STEVENAGE, GB, vol. 34, no. 7, 2 April 1998 *

Also Published As

Publication number Publication date
TWI353764B (en) 2011-12-01
DE602004028849D1 (en) 2010-10-07
MY142578A (en) 2010-12-15
US6995692B2 (en) 2006-02-07
KR20070018778A (en) 2007-02-14
KR101103443B1 (en) 2012-01-09
CA2535741A1 (en) 2005-04-21
WO2005036811A2 (en) 2005-04-21
CA2535741C (en) 2015-11-10
AT479142T (en) 2010-09-15
TW200518546A (en) 2005-06-01
AU2004306594A1 (en) 2005-04-21
WO2005036811A3 (en) 2005-06-02
CN1867889A (en) 2006-11-22
EP1673690B1 (en) 2010-08-25
US20050089161A1 (en) 2005-04-28
CN100555213C (en) 2009-10-28
EP1673690A2 (en) 2006-06-28
USRE40710E1 (en) 2009-05-12

Similar Documents

Publication Publication Date Title
Pisarchik et al. Encryption and decryption of images with chaotic map lattices
Halevi et al. MMH: Software message authentication in the Gbit/second rates
US7218734B2 (en) Ring arithmetic method, system, and apparatus
KR100296958B1 (en) Apparatus for encoding block data
KR101246490B1 (en) A closed galois field cryptographic system
US6078663A (en) Communication apparatus and a communication system
US7200232B2 (en) Method and apparatus for symmetric-key decryption
DE69929251T2 (en) Encryption system with a key of changing length
Massey SAFER K-64: A byte-oriented block-ciphering algorithm
US7649992B2 (en) Apparatuses for encoding, decoding, and authenticating data in cipher block chaining messaging authentication code
JP4128395B2 (en) Data converter
Zimmermann et al. A 177 Mb/s VLSI implementation of the international data encryption algorithm
DE60119410T2 (en) Apparatus and method for block encryption and decryption
US20030133568A1 (en) Programmable data encryption engine for advanced encryption standard algorithm
CN100583192C (en) Data converting device and data converting method
CA2267721C (en) Scheme for fast realization of encryption, decryption and authentication
US9608817B2 (en) Homomorphic evaluation including key switching, modulus switching, and dynamic noise management
US5214703A (en) Device for the conversion of a digital block and use of same
Zhang et al. On the optimum constructions of composite field for the AES algorithm
US4351982A (en) RSA Public-key data encryption system having large random prime number generating microprocessor or the like
Engels et al. Hummingbird: ultra-lightweight cryptography for resource-constrained devices
US5577124A (en) Multi-purpose high speed cryptographically secure sequence generator based on zeta-one-way functions
US6434699B1 (en) Encryption processor with shared memory interconnect
EP0635956B1 (en) Encryption apparatus, communication system using the same and method therefor
EP0839418B1 (en) Cryptographic method and apparatus for non-linearly merging a data block and a key

Legal Events

Date Code Title Description
FGA Letters patent sealed or granted (standard patent)